Product showcase: Alert – Data breach detector for your email, credit card, and ID
Compared to the last quarter of 2023, data breaches rose from 81M to 435M in Q1 2024. That’s a 5-fold increase in just a few months. One of the most common ways data breaches …
Fail2Ban: Ban hosts that cause multiple authentication errors
Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by …
Despite increased budgets, organizations struggle with compliance
Only 40% of organizations feel fully prepared to meet the compliance demands of rising cybersecurity regulations, according to a new Swimlane report. Organizations still feel …
Worried about job security, cyber teams hide security incidents
The frequency and severity of cyberattacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, …
Effective GRC programs rely on team collaboration
One in three organizations are not currently able to proactively identify, assess, and mitigate risk with their GRC program, nor are they able to ensure compliance with …
New infosec products of the week: May 24, 2024
Here’s a look at the most interesting products from the past week, featuring releases from CyberArk, OneTrust, PlexTrac, and Strike Graph. CyberArk CORA AI accelerates …
Compromised courtroom recording software was served from vendor’s official site
Courtroom recording software JAVS Viewer has been saddled with loader malware and has been served from the developer’s site since at least April 2, a threat researcher …
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned …
HHS pledges $50M for autonomous vulnerability management solution for hospitals
As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific …
CISOs pursuing AI readiness should start by updating the org’s email security policy
Over the past few years, traditional phishing messages — with their pervasive linguistic errors, thinly-veiled malicious payloads, and often outlandish pretexts — have been on …
Strategies for transitioning to a SASE architecture
In this Help Net Security, Prakash Mana, CEO at Cloudbrink, discusses the primary challenges companies face when transitioning to a SASE architecture and how to overcome them. …
Ransomware fallout: 94% experience downtime, 40% face work stoppage
Within the last 12 months, 48% of organizations identified evidence of a successful breach within their environment, according to Arctic Wolf. To fully understand the gravity …